fhwaterandice.com Open in urlscan Pro
104.148.97.121 Public Scan

URL:
http://fhwaterandice.com/
Submission: On June 18 via api (June 18th 2020, 1:13:16 pm UTC) from US

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 27 HTTP transactions. The main IP is 104.148.97.121, located in Los Angeles, United States and belongs to LAYER-HOST, US. The main domain is fhwaterandice.com.

This is the only time fhwaterandice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.148.97.121 104.148.97.121	46573 (LAYER-HOST) (LAYER-HOST)
1 2	168.63.137.100 168.63.137.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
27	4

2 104.148.97.121 (Los Angeles, United States)

ASN46573 (LAYER-HOST, US)

fhwaterandice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.63.137.100 (Central, Hong Kong) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cp585a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	baidu.com hm.baidu.com	14 KB
2	cp585a.com 1 redirects cp585a.com	287 B
2	fhwaterandice.com fhwaterandice.com	16 KB
27	3

	Domain	Requested by
2	hm.baidu.com	fhwaterandice.com
2	cp585a.com	1 redirects fhwaterandice.com
2	fhwaterandice.com	fhwaterandice.com
27	3

This site contains no links.

Subject Issuer	Validity	Valid
Sectigo RSA Domain Validation Secure Server CA	`2020-05-25` - `2020-10-11`	5 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-04-02` - `2021-07-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://fhwaterandice.com/
Frame ID: 302E368C00F7679E79573C8F0DEBC01B
Requests: 26 HTTP requests in this frame

Frame: https://cp585a.com:8014/register?id=79513333
Frame ID: C133F961AFE4551F0A82B1ADAE2E3914
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

27
Requests

11 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

31 kB
Transfer

91 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://cp585a.com/register?id=79513333 HTTP 302
https://cp585a.com:8014/register?id=79513333

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
fhwaterandice.com/ 41 KB
13 KB 19632ms
19393ms Document
text/html 104.148.97.121
LAYER-HOST

General

Check archive.org

Show headers Download Go to

Full URL: http://fhwaterandice.com/
Protocol: HTTP/1.1
Server: 104.148.97.121 Los Angeles, United States, ASN46573 (LAYER-HOST, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 9f861ba2218023e27e4003842b4c566594c46abf0b0cf15d9209bc87e9bfe51d

Request headers

Host: fhwaterandice.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; Charset=gb2312
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDCQBQDCST=OJOCLDHBOBJHKJANACFCAJJJ; path=/
X-Powered-By: ASP.NET
Date: Thu, 18 Jun 2020 05:09:50 GMT
Content-Length: 13217

GET
H/1.1 200
OK html5.js Show response
fhwaterandice.com/ 12 KB
3 KB 330ms
309ms Script
application/x-javascript 104.148.97.121
LAYER-HOST

General

Check archive.org

Show headers Download Go to

Full URL: http://fhwaterandice.com/html5.js
Requested by: Host: fhwaterandice.com
URL: http://fhwaterandice.com/
Protocol: HTTP/1.1
Server: 104.148.97.121 Los Angeles, United States, ASN46573 (LAYER-HOST, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 4ee2ad4c61ff65e389d0e52f0e4b1cd39b11e34ade9e70914cd5e8829f244ebb

Request headers

Referer: http://fhwaterandice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 05:09:50 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jun 2020 11:21:21 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "80e43c5bd3cd61:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 2945

GET base.css
fhwaterandice.com/Site/rlsy/theme/css/ 0
0

GET common.css
fhwaterandice.com/Site/rlsy/theme/css/ 0
0

GET index.css
fhwaterandice.com/Site/rlsy/theme/css/ 0
0

GET jquery-1.11.1.min.js
fhwaterandice.com/Site/rlsy/theme/js/ 0
0

GET fadeImage.js
fhwaterandice.com/Site/rlsy/theme/js/ 0
0

GET jquery.scrollTo.js
fhwaterandice.com/Site/rlsy/theme/js/ 0
0

GET jquery.mousewheel.js
fhwaterandice.com/Site/rlsy/theme/js/ 0
0

GET jquery.SuperSlide.2.1.1.js
fhwaterandice.com/Site/rlsy/theme/js/ 0
0

GET ch.png
fhwaterandice.com/Site/rlsy/theme/images/ 0
0

GET logo.png
fhwaterandice.com/Site/rlsy/theme/images/ 0
0

GET %E9%80%B2%E7%B7%9A%E6%AB%83_%E7%9C%8B%E5%9C%96%E7%8E%8B.jpeg
fhwaterandice.com/Uploads/20160329/ 0
0

GET image-0007_%E7%9C%8B%E5%9C%96%E7%8E%8B_1_.jpeg
fhwaterandice.com/Uploads/20160329/ 0
0

GET DSC01270_%E7%9C%8B%E5%9C%96%E7%8E%8B(1).jpeg
fhwaterandice.com/Uploads/20160329/ 0
0

GET %E9%96%8B%E9%97%9C%E6%AB%832_%E7%9C%8B%E5%9C%96%E7%8E%8B.jpeg
fhwaterandice.com/Uploads/20160330/ 0
0

GET pro1.jpeg
fhwaterandice.com/Uploads/other/rlsy/20160111/ 0
0

GET pro2.jpeg
fhwaterandice.com/Uploads/other/rlsy/20160111/ 0
0

GET pro3.jpeg
fhwaterandice.com/Uploads/other/rlsy/20160111/ 0
0

GET pro4.jpeg
fhwaterandice.com/Uploads/other/rlsy/20160111/ 0
0

GET Redocn_2015042314015202.jpeg
fhwaterandice.com/Uploads/kindeditor/image/20160408/ 0
0

GET top.png
fhwaterandice.com/Site/rlsy/theme/images/ 0
0

GET code.png
fhwaterandice.com/Site/rlsy/theme/images/ 0
0

GET code11.png
fhwaterandice.com/Uploads/kindeditor/image/20160318/ 0
0

GET
H/1.1

200
OK

https://cp585a.com/register?id=79513333
https://cp585a.com:8014/register?id=79513333

0
0

627ms
209ms

Document
text/html

168.63.137.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cp585a.com:8014/register?id=79513333

Requested by

Host: fhwaterandice.com
URL: http://fhwaterandice.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.63.137.100 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: cp585a.com:8014
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://fhwaterandice.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://fhwaterandice.com/

Response headers

Server: nginx
Date: Thu, 18 Jun 2020 13:12:59 GMT
Content-Type: text/html
Last-Modified: Mon, 15 Jun 2020 16:53:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ee7a799-2d4f"
A: C192
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 18 Jun 2020 13:12:59 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://cp585a.com:8014/register?id=79513333
A: C192
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 38 KB
14 KB 1248ms
611ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?24c85e4e18465c2764843d3bea6ec525

Requested by

Host: fhwaterandice.com
URL: http://fhwaterandice.com/html5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

12c49303a0b07cb06fc499652a70bb52b9e65e77a1a40decff507ac35bae879e

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://fhwaterandice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 13:12:59 GMT
Content-Encoding: gzip
Server: apache
Etag: 4a562531bdb7898b6f48df0f75f874fa
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 13826

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 390ms
390ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1414439155&si=24c85e4e18465c2764843d3bea6ec525&v=1.2.74&lv=1&sn=51015&r=0&ww=1600&ct=!!&tt=%E5%B9%B8%E8%BF%90%E5%BF%AB3-%E9%A6%96%E9%A1%B5

Requested by

Host: fhwaterandice.com
URL: http://fhwaterandice.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://fhwaterandice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 13:13:00 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Site/rlsy/theme/css/base.css

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Site/rlsy/theme/css/common.css

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Site/rlsy/theme/css/index.css

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Site/rlsy/theme/js/jquery-1.11.1.min.js

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Site/rlsy/theme/js/fadeImage.js

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Site/rlsy/theme/js/jquery.scrollTo.js

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Site/rlsy/theme/js/jquery.mousewheel.js

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Site/rlsy/theme/js/jquery.SuperSlide.2.1.1.js

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Site/rlsy/theme/images/ch.png

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Site/rlsy/theme/images/logo.png

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Uploads/20160329/%E9%80%B2%E7%B7%9A%E6%AB%83_%E7%9C%8B%E5%9C%96%E7%8E%8B.jpeg

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Uploads/20160329/image-0007_%E7%9C%8B%E5%9C%96%E7%8E%8B_1_.jpeg

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Uploads/20160329/DSC01270_%E7%9C%8B%E5%9C%96%E7%8E%8B(1).jpeg

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Uploads/20160330/%E9%96%8B%E9%97%9C%E6%AB%832_%E7%9C%8B%E5%9C%96%E7%8E%8B.jpeg

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Uploads/other/rlsy/20160111/pro1.jpeg

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Uploads/other/rlsy/20160111/pro2.jpeg

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Uploads/other/rlsy/20160111/pro3.jpeg

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Uploads/other/rlsy/20160111/pro4.jpeg

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Uploads/kindeditor/image/20160408/Redocn_2015042314015202.jpeg

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Site/rlsy/theme/images/top.png

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Site/rlsy/theme/images/code.png

Domain: fhwaterandice.com
URL: http://fhwaterandice.com/Uploads/kindeditor/image/20160318/code11.png

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cp585a.com
fhwaterandice.com
hm.baidu.com
fhwaterandice.com
103.235.46.191
104.148.97.121
168.63.137.100
12c49303a0b07cb06fc499652a70bb52b9e65e77a1a40decff507ac35bae879e
4ee2ad4c61ff65e389d0e52f0e4b1cd39b11e34ade9e70914cd5e8829f244ebb
9f861ba2218023e27e4003842b4c566594c46abf0b0cf15d9209bc87e9bfe51d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

fhwaterandice.com Open in urlscan Pro 104.148.97.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

27 Requests

11 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

31 kBTransfer

91 kBSize

0 Cookies

0 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

Indicators

fhwaterandice.com Open in urlscan Pro
104.148.97.121 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

11 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

31 kB
Transfer

91 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions